<?php
# ============================================================================
# 版权所有  Chilcoo.com，并保留所有权利。
# 网站地址: http://www.chilcoo.com/erphp
# ----------------------------------------------------------------------------
# 这不是一个自由软件！你不能通过任何方式破解本软件.
# 使用:不允许对程序代码以任何形式任何目的的再发布。
# ============================================================================
# $Author: Chilcoo Inc. *
# $Official website : www.chilcoo.com
# 
# 文件信息:
# File : /adm/default.php
# 人员列表页面
error_reporting(E_ERROR | E_WARNING | E_PARSE);
# 载入常用集
require_once (dirname(__FILE__).'/../../include/common.inc.php');
require_once (dirname(__FILE__).'/../../include/_manager/login.inc.php');
# 页面级别
$conf_web_page_level = 60;

class page_index  extends page{
	public $listview;
	public $storey = 0;
	function __construct(){
		$this->database = new db(config::conf_db_host,config::conf_db_user,
			config::conf_db_password,config::conf_db_name);
		$this->listview = array();
	}
	function len(){
		$len = 0;
		try{
			$sql = "SELECT cs2_admin.name FROM cs2_admin;";
			$len = $this->database->count($sql);
		}catch (Exception $e) {
			$len = -1;
		}
		return $len;
	}
	function level_listview(){
		$lv;
		try{
			$sql = "SELECT levelId,levelno,`name` FROM cs2_level WHERE levelno < 99;";
			$lv = $this->database->select($sql);
		}catch (Exception $e) {
			$lv = null;
		}
		return $lv;
	}
	
	function admin_root_list(){
		$rootId = -1;
		$sql = "SELECT b.loginId, b.adminId, b.name, cs2_level.name as levelname,
				b.level, b.shopId, b.mobile, b.qq, b.email,b.checker,b.rootAdmin,b.token
			FROM  cs2_admin AS b LEFT JOIN cs2_level ON cs2_level.levelId = b.level
			WHERE (b.adminId = 1);";
		//array_push(list, data);
		
		$this->listview[$rootId]= $this->database->select($sql);
		if(count($this->listview[$rootId]) == 0){
			unset($this->listview[$rootId]);
			return;
		}
		$this->storey ++;
		for ($i = 0; $i < count($this->listview[$rootId]); $i++) {
			$this->admin_list($this->listview[$rootId][$i]['adminId']);
		}
	}
	
	function admin_list($rootId){
		$sql = "SELECT b.loginId, b.adminId, b.name, cs2_level.name as levelname,
				b.level, b.shopId, b.mobile, b.qq, b.email,b.checker,b.rootAdmin,b.token
			FROM (cs2_admin AS a, cs2_admin AS b) LEFT JOIN cs2_level ON cs2_level.levelId = b.level
			WHERE (a.adminId=b.rootAdmin) AND (a.adminId=".$rootId." or b.rootAdmin=".$rootId.");";
		//array_push(list, data);
		$this->listview[$rootId]= $this->database->select($sql);
		if(count($this->listview[$rootId]) == 0){
			unset($this->listview[$rootId]);
			return;
		}
		$this->storey ++;
		for ($i = 0; $i < count($this->listview[$rootId]); $i++) {
			$this->admin_list($this->listview[$rootId][$i]['adminId']);
		}
	}
	
	function ajax_callback(){
		global $config;
		# POST 数据
		$token = $_POST['token'];
		# 初始返回用 json
		$json = array("ref"=>"error");
		if($token == config::TOKEN_UP_ADMIN){
			$name = $_POST['name'];
			$adminId = $_POST['adminId'];
			$mobile = $_POST['mobile'];
			$qq = $_POST['qq'];
			$email = $_POST['email'];
			$level = $_POST['level'];
			$passwd_update_type = $_POST['passwd_update_type'];
			$passwdold = $_POST['passwdold'];
			$passwd = $_POST['passwd'];
			
			$sql = "SELECT passwd FROM cs2_admin WHERE (adminId='".$adminId."')";
			$row = $this->database->get_one($sql);
			if($row['passwd'] != md5($passwdold)){
				$json = array("ref"=>"OLDPASSERROR");
			}else{
				$sql = "UPDATE cs2_admin SET 
				name='".$name."' ,
				mobile='".$mobile."' ,
				qq='".$qq."' ,
				email='".$email."' ,
				level='".$level."' ,
				name='".$name."' ";
				if($passwd_update_type == 1){
					$sql = $sql.", passwd='".md5($passwd)."' ";
				}
				$sql = $sql."WHERE (adminId =". $adminId.");";
				try {
					$this->database->update($sql);
					$json = array("ref"=>"OK");
				} catch (Exception $e) {
					$json = array("ref"=>"error,database.");
				}
			}
		}
		if($token == config::TOKEN_DEL_ADMIN){
			$adminId = $_POST['adminId'];
			$sql = "DELETE FROM cs2_admin WHERE (adminId=".$adminId.")";
			try {
				$this->database->delete($sql);
				$json = array("ref"=>"OK");
			} catch (Exception $e) {
				$json = array("ref"=>"error,database.");
			}
		}
		if($token == config::TOKEN_ADD_ADMIN){
			$name = $_POST['name'];
			$loginId = $_POST['loginId'];
			$mobile = $_POST['mobile'];
			$qq = $_POST['qq'];
			$email = $_POST['email'];
			$level = $_POST['level'];
			$passwd = $_POST['passwd'];
			
			$sql = "SELECT count(*) as cnt FROM cs2_admin WHERE (loginId='".$loginId."')";
			$row = $this->database->get_one($sql);
			
			if($row['cnt'] != 0){
				$json = array("ref"=>"LOGINID_EXIST");
			}else{
				$sql = "INSERT INTO cs2_admin (loginId,name,mobile,qq,email,level,passwd,token) 
					VALUES ('".strtolower($loginId)."','".$name."','".$mobile."','".$qq."','".$email."',".$level.",'".md5($passwd)."','".$config->guid()."');";
				try {
					$this->database->insert($sql);
					$json = array("ref"=>"OK");
				} catch (Exception $e) {
					$json = array("ref"=>"error,database.");
				}
			}
		}
		return json_encode($json);
	}
}

$pg = new page_index();
# 如果是根
if($_login->adminId == 1)
	$pg->admin_root_list();
	#$pg->admin_list($_login->adminId);
# 不是根
else
	$pg->admin_list(1);
	#$pg->admin_list($_login->rootAdmin);
## Session 和 POST 安全访问.
if($_SERVER['REQUEST_METHOD'] != 'POST'){
	$_SESSION[config::conf_session_id_token] = $config->web_page_period;
	$config->smarty->assign('len', $pg->len());
	$config->smarty->assign('storey', $pg->storey);
	$config->smarty->assign('admin_list', $pg->listview);
	$config->smarty->assign('level_listview', $pg->level_listview());
	$pg->render($config->temp_page_path.config::conf_web_template_extension);
}else{
	print_r($pg->ajax_callback());
}
?>